xenorat | 186e1599e1ddb0030f0c4c514bf9a2158f12ebc29b3e1c86ffa34562599cf79c | Triage

Submit
Reports

Overview

overview

Static

static

Vape Launcher.rar

windows10-2004-x64

Sharing

General

Target

Vape Launcher.rar
Size

18KB
Sample

240430-3l7ddace55
MD5

2a2f0ec4d7927f2a6cacc44767a12388
SHA1

0ef4541bbff76920499bd37d8959f4d0f21bc90b
SHA256

186e1599e1ddb0030f0c4c514bf9a2158f12ebc29b3e1c86ffa34562599cf79c
SHA512

f4bb2fa1ad26f98e2e519da36a2092ec1bb354f1cfa7c231d84e1a649b6bc752ef8b95178d1413db59dddb7606f62990290471cc45c8425278ffb60cbdebf550
SSDEEP

384:0tmxT9fHe47EdINnygB0WKGrYMRSnYez1+rZ/OfVeraYDPvn/qSicvgDilq/RY:0tIR+478QyCzl0MFezOqVeraYDPv/ziM

Score

10^/10

xenorat rat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Vape Launcher.rar

Resource

win10v2004-20240426-en

xenorat rat trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

xenorat

C2

127.0.0.1

Mutex

VapePatcher

Attributes

delay
5000
install_path
appdata
port
6666
startup_name
Minecraft Launcher

Targets

- Target
  
  Vape Launcher.rar
- Size
  
  18KB
- MD5
  
  2a2f0ec4d7927f2a6cacc44767a12388
- SHA1
  
  0ef4541bbff76920499bd37d8959f4d0f21bc90b
- SHA256
  
  186e1599e1ddb0030f0c4c514bf9a2158f12ebc29b3e1c86ffa34562599cf79c
- SHA512
  
  f4bb2fa1ad26f98e2e519da36a2092ec1bb354f1cfa7c231d84e1a649b6bc752ef8b95178d1413db59dddb7606f62990290471cc45c8425278ffb60cbdebf550
- SSDEEP
  
  384:0tmxT9fHe47EdINnygB0WKGrYMRSnYez1+rZ/OfVeraYDPvn/qSicvgDilq/RY:0tIR+478QyCzl0MFezOqVeraYDPv/ziM
Score

10^/10

xenorat rat trojan
- XenorRat
  XenorRat is a remote access trojan written in C#.
  trojan rat xenorat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xenoratrattrojan

© 2018-2025

Terms | Privacy